Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

axios should be updated #8852

Closed
3 tasks done
elcreator opened this issue Sep 6, 2021 · 3 comments
Closed
3 tasks done

axios should be updated #8852

elcreator opened this issue Sep 6, 2021 · 3 comments

Comments

@elcreator
Copy link

Before opening, please confirm:

JavaScript Framework

Angular

Amplify APIs

Not applicable

Amplify Categories

Not applicable

Environment information

# Put output below this line


Describe the bug

axios@0.21.1 is vulnerable https://snyk.io/vuln/npm:axios@0.21.1 so apps using aws-amplify/amplify-js have problems with security scanners. Please update it to 0.21.3

Expected behavior

axios@0.21.1 -> axios@0.21.3 in all dependencies

Reproduction steps

npm i
run security scanner

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line


aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

@aws-eddy
Copy link

aws-eddy commented Sep 7, 2021

Thanks for opening this issue, I am working on merging in the latest axios version. Will close when updated

@aws-eddy
Copy link

aws-eddy commented Sep 7, 2021

releasing a new version of Amplify with Axios patched today

@github-actions
Copy link

github-actions bot commented Sep 8, 2022

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 8, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants